never close stdin

The sanitise_stdfd call makes sure that standard file descriptors are
open (if they were closed, they are connected with /dev/null).

Do not close stdin in any case to prevent error messages when stdin is
read multiple times and to prevent later usage of fd 0 for connections,
e.g.

echo localhost | ssh-keyscan -f - -f -

While at it, make stdin-related error messages nicer.

Authored with Max Kunzelmann <maxdev at posteo dot de>

ok djm

diff --git a/usr.bin/ssh/ssh-keyscan.c b/usr.bin/ssh/ssh-keyscan.c
index 825220f..7fb8c9e 100644 (file)
--- a/usr.bin/ssh/ssh-keyscan.c
+++ b/usr.bin/ssh/ssh-keyscan.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keyscan.c,v 1.155 2024/01/11 01:45:36 djm Exp $ */
+/* $OpenBSD: ssh-keyscan.c,v 1.156 2024/04/30 15:40:43 tobias Exp $ */
 /*
  * Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>.
  *
@@ -826,7 +826,8 @@ main(int argc, char **argv)
                if (argv[j] == NULL)
                        fp = stdin;
                else if ((fp = fopen(argv[j], "r")) == NULL)
-                       fatal("%s: %s: %s", __progname, argv[j], strerror(errno));
+                       fatal("%s: %s: %s", __progname,
+                           fp == stdin ? "<stdin>" : argv[j], strerror(errno));
 
                while (getline(&line, &linesize, fp) != -1) {
                        /* Chomp off trailing whitespace and comments */
@@ -848,9 +849,11 @@ main(int argc, char **argv)
                }
 
                if (ferror(fp))
-                       fatal("%s: %s: %s", __progname, argv[j], strerror(errno));
+                       fatal("%s: %s: %s", __progname,
+                           fp == stdin ? "<stdin>" : argv[j], strerror(errno));
 
-               fclose(fp);
+               if (fp != stdin)
+                       fclose(fp);
        }
        free(line);